LenovoZ5s/device_lenovo_sdm710-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sdm710-common: Make SELinux great again!

Browse source 
Change-Id: Id479e031b584b24f79377aa244add20903a42b02
Signed-off-by: SamarV-121 <samarvispute121@gmail.com>
This commit is contained in:
LuK1337 2019-09-09 21:49:32 +02:00 committed by SamarV-121
parent b0c49080c7
commit 172e69cd0d
6 changed files with 7 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
BoardConfigCommon.mk
View file

@ -96,6 +96,7 @@ OVERRIDE_RS_DRIVER := libRSDriver_adreno.so
TARGET_PROVIDES_QTI_TELEPHONY_JAR := true
# Sepolicy
PRIVATE_EXCLUDE_BUILD_TEST := true
BOARD_PLAT_PRIVATE_SEPOLICY_DIR += $(COMMON_PATH)/sepolicy/private
BOARD_PLAT_PRIVATE_SEPOLICY_DIR += device/qcom/sepolicy/private
BOARD_PLAT_PUBLIC_SEPOLICY_DIR += device/qcom/sepolicy/public

2
sepolicy/private/audioserver.te Normal file
View file

@ -0,0 +1,2 @@
# Allow audioserver to read system_configs_file
allow audioserver system_configs_file:file r_file_perms;

1
sepolicy/private/file.te
View file

@ -4,3 +4,4 @@ type firmware_file, file_type;
type persist_file, file_type;
type sysfs_graphics, sysfs_type, fs_type;
type sysfs_white_led, sysfs_type, fs_type;
type system_configs_file, system_file_type, file_type;

2
sepolicy/private/file_contexts
View file

@ -3,7 +3,7 @@
/system/bin/hw/vendor\.lineage\.camera\.motor@1.0-service\.realme_sdm710 u:object_r:hal_lineage_camera_motor_realme_sdm710_exec:s0
# Audio
/system/etc/audio_policy_configuration.xml u:object_r:vendor_configs_file:s0
/system/etc/audio_policy_configuration.xml u:object_r:system_configs_file:s0
# Files in rootfs
/bt_firmware(/.*)? u:object_r:bt_firmware_file:s0

2
sepolicy/private/hal_light_sdm710.te
View file

@ -12,7 +12,7 @@ binder_call(hal_light_server, hal_light_client)
add_hwservice(hal_light_server, hal_light_hwservice)
allow hal_light_client hal_light_hwservice:hwservice_manager find;
type hal_light_sdm710_exec, exec_type, file_type;
type hal_light_sdm710_exec, system_file_type, exec_type, file_type;
init_daemon_domain(hal_light_sdm710)
allow hal_light_sdm710 { sysfs_graphics sysfs_white_led }:lnk_file read;

2
sepolicy/private/init.te
View file

@ -2,4 +2,4 @@
allow init sysfs_graphics:file { open read setattr };
# Allow init to mount vendor configs
allow init vendor_configs_file:file mounton;
allow init { system_configs_file vendor_configs_file }:file mounton;